To prevent account "ripping" and secure Facebook accounts against these threats, the following measures are recommended:
To understand the landscape of this request, the following components are defined:
Facebook’s “Remember Me” feature generates a persistent session cookie. Attackers discovered that if they could steal this cookie via info-stealer malware (e.g., RedLine, Raccoon) or cross-site scripting (XSS), they could bypass 2FA entirely. The 2FA prompt is required only during login; after that, a valid session cookie is accepted as proof of prior authentication. Facebook’s binding of sessions to an IP address was optional and often disabled for usability.
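The session binding mentioned above, sketched from the server side as an added example (not Facebook's code): a session is tied to a coarse client context at login, and a valid cookie arriving from a different context is revoked and sent back through 2FA. The store, the function names, the /24 and /48 granularity and the sample addresses are assumptions made for illustration.

```python
import hashlib
import hmac
import ipaddress
import secrets

SERVER_KEY = secrets.token_bytes(32)  # per-process key (assumption; use a managed secret in practice)
SESSIONS = {}  # session id -> record; stands in for a server-side session store


def _context_tag(ip: str, user_agent: str) -> str:
    """HMAC over a coarse client context: /24 (IPv4) or /48 (IPv6) plus User-Agent."""
    addr = ipaddress.ip_address(ip)
    prefix = 24 if addr.version == 4 else 48
    network = ipaddress.ip_network(f"{ip}/{prefix}", strict=False)
    msg = f"{network}|{user_agent}".encode()
    return hmac.new(SERVER_KEY, msg, hashlib.sha256).hexdigest()


def issue_session(user: str, ip: str, user_agent: str) -> str:
    """Call only after password and 2FA have succeeded; returns the cookie value."""
    sid = secrets.token_urlsafe(32)
    SESSIONS[sid] = {"user": user, "ctx": _context_tag(ip, user_agent)}
    return sid


def check_session(sid: str, ip: str, user_agent: str) -> str:
    """Return 'ok', 'step_up' (2FA must be repeated) or 'invalid'."""
    record = SESSIONS.get(sid)
    if record is None:
        return "invalid"
    if hmac.compare_digest(record["ctx"], _context_tag(ip, user_agent)):
        return "ok"
    # A valid cookie from a different network or browser: the earlier 2FA
    # no longer vouches for this client, so revoke and force a fresh login.
    del SESSIONS[sid]
    return "step_up"
```

An info-stealer can copy the User-Agent string along with the cookie, so the network prefix carries most of the weight here. The same prefix check is what logs out legitimate users who roam between networks, which is the usability cost noted above.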